Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains teamcity vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-15848
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user.
Jetbrains Teamcity 2019.1
Jetbrains Teamcity 2019.1.1
9.8
CVSSv3
CVE-2019-12157
In JetBrains UpSource versions prior to 2018.2 build 1293, there is credential disclosure via RPC commands.
Jetbrains Teamcity
Jetbrains Upsource 2018.2
Jetbrains Upsource
6.1
CVSSv3
CVE-2021-31911
In JetBrains TeamCity prior to 2020.2.3, reflected XSS was possible on several pages.
Jetbrains Teamcity
8.8
CVSSv3
CVE-2021-31912
In JetBrains TeamCity prior to 2020.2.3, account takeover was potentially possible during a password reset.
Jetbrains Teamcity
9.8
CVSSv3
CVE-2021-31914
In JetBrains TeamCity prior to 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
Jetbrains Teamcity
9.8
CVSSv3
CVE-2021-31915
In JetBrains TeamCity prior to 2020.2.4, OS command injection leading to remote code execution was possible.
Jetbrains Teamcity
9.8
CVSSv3
CVE-2024-23917
In JetBrains TeamCity prior to 2023.11.3 authentication bypass leading to RCE was possible
Jetbrains Teamcity
1 Article
5.3
CVSSv3
CVE-2022-40979
In JetBrains TeamCity prior to 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable
Jetbrains Teamcity
9.8
CVSSv3
CVE-2024-27198
In JetBrains TeamCity prior to 2023.11.4 authentication bypass allowing to perform admin actions was possible
Jetbrains Teamcity
1 Metasploit module
14 Github repositories
6 Articles
2.7
CVSSv3
CVE-2021-31906
In JetBrains TeamCity prior to 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.
Jetbrains Teamcity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »